741 matches found
Boxcryptor Cross Site Scripting
============================================= INTERNET SECURITY AUDITORS ALERT 2014-001 - Original release date: February 4, 2014 - Last revised: February 4, 2014 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 CVSSv2 Base Scored - CVE-ID: - =============================================...
CVE-2013-2639
Cross-site scripting XSS vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the description in a project folder...
Cross site scripting
Cross-site scripting XSS vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the description in a project folder...
CVE-2013-2639
Cross-site scripting XSS vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the description in a project folder...
CVE-2013-2639
CTERA Cloud Storage OS is affected by a Stored XSS in the Project Folder description field. Vulnerable on versions prior to 3.2.29.0 and 3.2.42.0; successful exploitation allows remote attackers to inject arbitrary script/HTML (risk includes possible session data exposure as noted in public write...
CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS
Exploit for php platform in category web applications OVERVIEW Standard Ctera User can define a particular “description” for a ProjectFolder that cause javascript code execution and HTML injection. INTRODUCTION CTERA Networks http://www.ctera.combridges the gap between cloud storage and local...
CTERA 3.2.29.03.2.42.0 - Persistent Cross-Site Scripting
CTERA 3.2.29.03.2.42.0 - Persistent Cross-Site Scripting Exploit Title: CTERA Project Folders - Stored XSS Date: 11-Mar-2013 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.ctera.com Version: 3.2.29.0 and 3.2.42.0 Tested on: ctera os CVE : CVE-2013-2639 OVERVIEW Standard Ctera User...
CTERA 3.2.29.0/3.2.42.0 - Persistent Cross-Site Scripting
Exploit Title: CTERA Project Folders - Stored XSS Date: 11-Mar-2013 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.ctera.com Version: 3.2.29.0 and 3.2.42.0 Tested on: ctera os CVE : CVE-2013-2639 OVERVIEW Standard Ctera User can define a particular “description” for a ProjectFolder tha...
How to encrypt your files before uploading to Cloud Storage using CloudFogger
In this Internet savvy generation, we want all of our data to be secured at some place. Having backups of your data is always a good idea, whether that data is stored in the Cloud or on your computer. But everyone who is following the Edward Snowden leaks of the NSA's PRISM program now pushed to...
How Dark Mail Plans to Build an Open, Secure Email Platform
The new Dark Mail Alliance formed this week by Lavabit and Silent Circle will offer an open platform for secure email that will use existing protocols and cloud storage as a way to evade surveillance. The new system, which should be available next year, is in some ways a throwback to the...
Fake Dropbox Password Reset Spam Leads to Malware
A new spam campaign has been circulating over the last few weeks aiming to dupe users of the popular cloud storage service Dropbox. The e-mails purport to come from the service but instead lead those who click through to a malware landing page. Some of the emails start off fairly convincingly:...
SEC Consult SA-20130605-0 :: Multiple vulnerabilities in CTERA Portal
SEC Consult Vulnerability Lab Security Advisory 20130605-0 ======================================================================= title: Multiple vulnerabilities in CTERA Portal product: CTERA Portal vulnerable version: 3.1 fixed version: 3.2 impact: Critical homepage: http://www.ctera.com found...
Smartphones cache poses huge risk for Cloud Storage Security
A couple of years ago, the tech world was abuzz about the cloud. Cloud computing refers to computing where the processing or storage takes place on a networked series of computers rather than on the device that you're using. Whether you're using a PC, laptop, tablet, smartphone, television, or...
Smartphones cache poses huge risk for Cloud Storage Security
A couple of years ago, the tech world was abuzz about the cloud. Cloud computing refers to computing where the processing or storage takes place on a networked series of computers rather than on the device that you’re using. Whether you’re using a PC, laptop, tablet, smartphone, television, or...
SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 6641 / 6643 / 6648)
The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.38, fixing various bugs and security issues. The following security issues have been fixed : - Several buffer overread and overwrite errors in the UDF logical volume descriptor code have been fixed that might have have allowed local...
How The Free Market Fails Privacy-Conscious Consumers
Editor’s Note: This is the first of a two-part podcast with security researcher Chris Soghoian. It’s a truism that the pace of technological change outstrips society’s ability to grasp the impact of that change. For the most part, the consequences of this are benign and the remedies...
Use the Cloud
When it comes to search and seizure by customs agents, the cloud is your friend. A plethora of online services today make it easy to simply copy your sensitive data – or your entire drive’s contents – up to a hosted storage server. Once again, you’ll want to make sure that the connection to...
Offline Windows Analysis and Data Extraction (OWADE) - Forensics tool to expose all your online activity
Offline Windows Analysis and Data Extraction OWADE - Forensics tool to expose all your online activity Researchers "Elie Bursztein" from Stanford University in California have managed to bypass the encryption on a PC's hard drive to find out what websites a user has visited and whether they have...
Greg Hoglund Discusses HBGary Mishap
Greg Hoglund, CTO of HBGary, admits that lackluster security played a central role in the breach that led to the release of some 50,000 company emails, but also disputes common understanding and reported details of the hack, going so far as to say there was actually no hack at all. In an intervie...
All about Microsoft Windows 8 !
Only Microsoft knows how the abutting adaptation of its Windows operating arrangement will attending and what it will be called, but big changes could be advanced for the OS that assemblage accredit to as "Windows 8." At this year's Consumer Electronics Appearance in Las Vegas, Microsoft appear...